IT Security & Infrastructure Manager

About the job

Testlio is the originator of fused software testing, a unique approach to testing that combines humans and machines to help digital innovators deliver quality products at scale. In any location. On any device. In any language. Via any payment method. The company is distributed by design, with full-time people worldwide and part-time freelancers in over 150 countries. Clients include Amazon, Athenahealth, Microsoft, the NBA, Netflix, PayPal, Uber, Wayfair, and many more. Collectively, they have awarded us an industry-leading 4.7 G2 rating. To learn more, visit www.testlio.com.

In this exciting role, you'll join our growing team as the IT Security & Infrastructure Manager. You'll report directly to the VP of Engineering and will be responsible for leading our IT security strategy and ensuring our operations and infrastructure are secure & effective. This role offers a unique opportunity to combine leadership with hands-on execution, making a significant contribution to the future of Testlio and ensuring we stay at the forefront of industry standards and innovation.

Please note: based on our remote work approach and compensation strategy, we are not considering candidates from expensive areas such as Berlin, London, Paris, Singapore, etc.

Why you will love this job?

• Strategic Impact: In this critical role, you'll have a direct impact on our ability to secure & retain client contracts and grow our business. Your leadership in shaping the security landscape supports Testlio’s core business operations and growth.
• Hands-On Leadership: This role blends strategic oversight with direct execution. You will not only devise security policies but also actively engage in implementing these critical measures.
• Actionable security: As a key leader of the DevOps guild, you will ensure that security isn't an afterthought. You'll lead the efforts to seamlessly integrate it within our DevOps practices, elevating operational efficiency and resilience across the company.
• Staying ahead of Emerging Threats: You'll be proactively discovering & addressing emerging cyber threats, particularly those posed by continuous AI advancements. You'll be at the forefront of our security posture, infusing our innovation roadmap with resilient security protocols that safely support our growth trajectory.

Why you will love being a part of Testlio?

• A true sense of belonging: the TestLion Pride is a global community of like-minded people who live Testlio’s six values every day.
• Growth through learning: knowledge exchange and learning are central to working at Testlio. You’ll find that motivated, experienced TestLions with diverse backgrounds can always introduce you to new perspectives.
• Enable human possibilities: your work at Testlio has a larger purpose. As a TestLion you will not only help our customers create well-built digital experiences for their users, but also create opportunities for Testlio's freelance network, and support social impact programs like Ignite.
• Freedom to roam: Testlio is a global company that embraces flexibility. You'll have room to work wherever within your region's main time zones. We also want to make sure you can take time off from work to rest. We honor national holidays in your home nation and provide a generous number of days off, including personal wellness days.

What would your day look like?

• Develop and enforce security policies and procedures that are aligned with industry best practices and compliance requirements. Lead the effort to achieve and maintain industry security certifications (e.g. SOC 2, ISO 27001).
• Proactively conduct security audits and risk assessments, including code reviews, penetration testing, and vulnerability scanning, to identify and mitigate vulnerabilities across the development lifecycle (SSDLC).
• Oversee incident response procedures, ensuring timely detection, containment, and remediation of issues to all critical infrastructure & operations.
• Develop and deliver security awareness training programs to educate employees on security best practices and potential threats.
• Monitor cloud infrastructure regarding security, availability, performance, and scalability & develop plans to bring them to optimal levels. Manage disaster recovery and business continuity procedures.
• Lead the DevOps guild & mentor the DevOps team, integrating security and operational resilience in CICD pipelines, IaC implementations & general DevOps practices.
• Collaborate with cross-functional teams to ensure security is a key consideration in all critical processes.
• Hands-on involvement with the teams, to make progress, troubleshoot, automate, or unblock key initiatives.
• Stay up-to-date on the latest security threats and trends.

What you need to succeed?

Technical Skills

• A university degree in Computer Science, Information Security, or a related field.
• Minimum 3-4 years of experience in IT security, risk management, compliance & certification processes. Professional certification in security (e.g. CISSP, CCSP, CISM, CompTIA Security+) is highly desirable.
• Proven track record of implementing and maintaining security best practices. Experience with security frameworks and compliance standards (e.g., SOC 2, ISO 27001) a plus.
• Solid background in infrastructure management with hands-on experience in cloud platforms (preferably AWS), CICD and Infrastructure-as-Code tools & languages.

Human Skills

• Proactive, results-oriented, with a strong work ethic and passion for security.
• Hands-on leader, with strong problem-solving skills, diving head-first on difficult problems to unblock the team and deliver the result on time, on-scope.
• Diligent & detail-oriented, with a strong focus on quality in all aspects of security and infrastructure management.
• Fluent English communicator & influencer, capable of explaining complex requirements and convincing for their urgency & importance, across all levels of the organization.
• Preference for a remote working environment

What is the Candidate Consideration Process

We seek to hire individuals who will be excited about their role and have the potential to grow with Testlio. Since we are 100% distributed, it’s important for us to provide you the opportunity to meet with multiple stakeholders throughout the organization. This gives you insight into the role and a chance to interact with future peers. Our interview process can take about 4 to 6 weeks to complete as we want to ensure a great fit for everyone.

• Application
• Hiring manager interview
• Multipart TestGorilla assessment
• Reference checks
• 3-5 Team and Stakeholder interviews
• Hiring manager additional conversations
• Offer & background check

Diversity and Inclusion

Testlio is an equal-opportunity employer deeply committed to creating an inclusive environment for people of all backgrounds and identities. We are female-founded and 46% of our team identifies as women. See the DEI section of our website for more information.